Extending the life of hardware: a decision that can have high cybersecurity costs

The rising cost of equipment due to chip shortages and the advancement of AI is leading many companies to postpone upgrades. This practice, without proper updates, increases vulnerability to attacks and weakens protection against increasingly sophisticated threats.

Computers, servers, and even cell phones are among the devices whose prices are projected to rise in 2026. The reason? Lower production of chips and RAM, as both the raw material (silicon) and the factories producing these components are more focused on meeting the strong demand for AI.

Faced with this scenario of price increases, many organizations may decide to extend the lifespan of their current hardware, with the risks that this entails, primarily in cybersecurity.

In fact, resource limitations are one of the main concerns for small businesses: according to the latest report, The State of Ransomware in Enterprise, prepared by Sophos, 42% of SMEs identified a lack of personnel or capacity as a key reason for suffering a cyberattack.

María Claudia Ardila, Sales Director for Sophos in Southern Latin America, comments that “having up-to-date hardware, far from being obsolete, is vital to prevent security gaps. But another fundamental aspect is keeping the software updated. In this regard, organizations must ensure they have the latest patches and downloads regularly.”

Thus, having both updated hardware and software is crucial, as the former guarantees that the infrastructure is adequate and compatible with current requirements, and the latter helps close potential vulnerabilities that many attackers exploit to compromise systems.

In this sense, having updated firewalls can make a significant difference when facing a potential security incident. In the case of firewalls, the latest versions, such as v22 recently released by Sophos, make it much simpler to evaluate and correct the configuration, since its new feature assesses dozens of different configurations and compares them with CIS standards and best practices, providing instant information on areas that could present risks.

In the case of endpoints, another key factor is their ability to integrate with other systems, thus achieving the necessary synergy for continuous protection. An example of such integrations is the one announced a few months ago by Sophos Endpoint with Taegis, enabling immediate access to combined prevention, detection, and response capabilities on a single platform.

MDR Services: Increasingly Vital

However, an additional approach many organizations are using—without increasing man-hour costs or absorbing internal resources—is outsourcing services like MDR (Managed Detection and Response). These services allow for immediate alerts to any irregularities, anticipation of potential scenarios and vulnerabilities, and timely responses, since every minute counts in the event of a cyberattack.

Having MDR services, along with up-to-date hardware and software, provides a solid foundation for organizations to be prepared for any incident, especially given the numerous operational factors that can make a company a potential ransomware victim. In fact, according to The State of Ransomware in Enterprise, no single cause stands out as the primary reason.

“The rising cost of hardware is a possible scenario that will affect organizations in 2026. But there are always alternatives to address cybersecurity challenges, and the key is always to anticipate them,” concludes María Claudia Ardila of Sophos.

Fuente: www.itsitio.com